From b9ccb62d35a755efb505d426ce924d5a8fbe937a Mon Sep 17 00:00:00 2001 From: "Bonato, Martin" Date: Thu, 8 Feb 2018 22:19:55 +0100 Subject: BulkSignature implementation --- .../gv/egiz/bku/online/applet/AppletBKUWorker.java | 8 +- .../egiz/bku/online/applet/AppletSecureViewer.java | 100 ++++++++++++++++++--- .../at/gv/egiz/stal/client/STALServiceTest.java | 4 +- 3 files changed, 97 insertions(+), 15 deletions(-) (limited to 'BKUApplet/src') diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java index 67c3f9af..d89611a6 100644 --- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java +++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java @@ -25,8 +25,10 @@ package at.gv.egiz.bku.online.applet; import at.gv.egiz.bku.smccstal.AbstractBKUWorker; +import at.gv.egiz.bku.smccstal.BulkSignRequestHandler; import at.gv.egiz.bku.gui.BKUGUIFacade; import at.gv.egiz.bku.smccstal.SignRequestHandler; +import at.gv.egiz.stal.BulkSignRequest; import at.gv.egiz.stal.STALRequest; import at.gv.egiz.stal.STALResponse; import at.gv.egiz.stal.SignRequest; @@ -85,6 +87,8 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable { new AppletSecureViewer(gui, stalPort, sessionId); addRequestHandler(SignRequest.class, new SignRequestHandler(secureViewer)); + addRequestHandler(BulkSignRequest.class, + new BulkSignRequestHandler(secureViewer)); GetNextRequestResponseType nextRequestResp = stalPort.connect(sessionId); @@ -93,7 +97,7 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable { List> responses = new ArrayList>(); try { - requests = nextRequestResp.getInfoboxReadRequestOrSignRequestOrQuitRequest(); + requests = nextRequestResp.getInfoboxReadRequestOrSignRequestOrBulkSignRequest(); responses.clear(); // (rather use validator) 
@@ -167,7 +171,7 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable {
 }
 GetNextRequestType nextRequest = stalObjFactory.createGetNextRequestType();
 nextRequest.setSessionId(sessionId);
- nextRequest.getInfoboxReadResponseOrSignResponseOrErrorResponse().addAll(responses);
+ nextRequest.getInfoboxReadResponseOrSignResponseOrBulkSignResponse().addAll(responses);
 nextRequestResp = stalPort.getNextRequest(nextRequest);
 }
 }
diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java
index b2c084bd..9f7061b1 100644
--- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java
+++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java
@@ -32,27 +32,31 @@ import java.security.DigestException; import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.Arrays; +import java.util.Collection; +import java.util.LinkedList; import java.util.List; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import at.gv.egiz.bku.gui.BKUGUIFacade; -import at.gv.egiz.bku.smccstal.SecureViewer; +import at.gv.egiz.bku.gui.hashdata.HashDataInputLoader; +import at.gv.egiz.bku.gui.viewer.SecureViewer; import at.gv.egiz.stal.HashDataInput; +import at.gv.egiz.stal.SignatureInfo; +import at.gv.egiz.stal.hashdata.StubHashDataInput; import at.gv.egiz.stal.impl.ByteArrayHashDataInput; import at.gv.egiz.stal.service.GetHashDataInputFault; import at.gv.egiz.stal.service.STALPortType; import at.gv.egiz.stal.service.types.GetHashDataInputResponseType; import at.gv.egiz.stal.service.types.GetHashDataInputType; import at.gv.egiz.stal.signedinfo.ReferenceType; -import at.gv.egiz.stal.signedinfo.SignedInfoType; /** * * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> */ -public class AppletSecureViewer implements SecureViewer { +public class AppletSecureViewer implements SecureViewer, HashDataInputLoader { private static final Logger log = LoggerFactory.getLogger(AppletSecureViewer.class); 
@@ -86,19 +90,19 @@ public class AppletSecureViewer implements SecureViewer { * @throws java.lang.Exception */ @Override - public void displayDataToBeSigned(SignedInfoType signedInfo, + public void displayDataToBeSigned(SignatureInfo signatureInfo, ActionListener okListener, String okCommand) throws DigestException, Exception { if (verifiedDataToBeSigned == null) { - log.info("Retrieve data to be signed for dsig:SignedInfo {}.", signedInfo.getId()); + log.info("Retrieve data to be signed for dsig:SignedInfo {}.", signatureInfo.getId()); List hdi = - getHashDataInput(signedInfo.getReference()); - verifiedDataToBeSigned = verifyHashDataInput(signedInfo.getReference(), + getHashDataInput(signatureInfo.getReference()); + verifiedDataToBeSigned = verifyHashDataInput(signatureInfo.getReference(), hdi); } if (verifiedDataToBeSigned.size() > 0) { - gui.showSecureViewer(verifiedDataToBeSigned, okListener, okCommand); + gui.showSecureViewer(verifiedDataToBeSigned, okListener, okCommand, this); } else { throw new Exception("No data to be signed (apart from any QualifyingProperties or a Manifest)"); } @@ -119,14 +123,16 @@ public class AppletSecureViewer implements SecureViewer { //don't get Manifest, QualifyingProperties, ... if (signedRef.getType() == null) { String signedRefId = signedRef.getId(); - if (signedRefId != null) { - log.trace("Requesting hashdata input for reference {}.", signedRefId); + byte[] digest = signedRef.getDigestValue(); + if (signedRefId != null || digest != null) { + log.trace("Requesting hashdata input for reference {}.", new String(digest)); GetHashDataInputType.Reference ref = new GetHashDataInputType.Reference(); ref.setID(signedRefId); + ref.setDigest(digest); request.getReference().add(ref); } else { - throw new Exception("Cannot resolve signature data for dsig:Reference without Id attribute"); + throw new Exception("Cannot resolve signature data for dsig:Reference without Id or digest attribute"); } } } 
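Review bot: In the `@@ -119,14 +123,16 @@` hunk, the relaxed guard `signedRefId != null || digest != null` now admits a reference that has an Id but no digest, and the trace call on the next line then evaluates `new String(digest)` on null and throws a NullPointerException; the argument is built whatever the log level is. Even when a digest is present, decoding raw hash bytes with the platform charset gives lossy, unreadable log output. `java.util.Arrays` is already imported in this file and its `toString` is null-safe, so the line could read `log.trace("Requesting hashdata input for reference {} (digest {}).", signedRefId, Arrays.toString(digest));`. The enclosing loop and method start outside the hunk.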
@@ -259,4 +265,76 @@ public class AppletSecureViewer implements SecureViewer { } return md.digest(hashDataInput); } + + @Override + public void displayDataToBeSigned(List signatureInfoList, ActionListener okListener, String okCommand) + throws DigestException, Exception { + + log.trace("Creating referenceMap"); + + for (SignatureInfo signatureInfo : signatureInfoList) { + for (ReferenceType reference : signatureInfo.getReference()) { + log.trace("Adding entry {} : {} to referenceMap", reference.getDigestValue(), reference.getId()); + } + } + + ArrayList selectedHashDataInputs = new ArrayList(); + + log.trace("Adding empty hashDataInputs to selectedHashDataInputs"); + for (SignatureInfo nextSignatureInfo : signatureInfoList) { + log.trace("Adding {} : {} to selectedHashDataInputs", nextSignatureInfo.getId(), nextSignatureInfo.getReference().get(0).getDigestValue()); + selectedHashDataInputs.addAll(addEmptyHashDataInputs(nextSignatureInfo)); + } + + log.trace("Show Secure Viewer for selectedHashDataInputs"); + gui.showSecureViewer(selectedHashDataInputs, okListener, okCommand, this); + + } + + + @Override + public HashDataInput getHashDataInput(HashDataInput hashDataInput) throws Exception { + + if (hashDataInput instanceof StubHashDataInput) { + + StubHashDataInput stabHashDataInput = (StubHashDataInput) hashDataInput; + + ReferenceType reference = stabHashDataInput.getReference(); + + List hashDataInputs = new LinkedList(); + + if (reference != null) { + log.trace("Retrieve data to be signed for dsig:SignedInfo {}.", hashDataInput.getReferenceId()); + List hdi = getHashDataInput(Arrays.asList(reference)); + hashDataInputs = verifyHashDataInput(Arrays.asList(reference), hdi); + + if (hashDataInputs.size() == 0) { + throw new Exception("No data to be signed (apart from any QualifyingProperties or a Manifest)"); + } + + return hashDataInputs.get(0); + } + + throw new Exception("No reference found for hashDataInput with id " + hashDataInput.getReferenceId()); + } + 
return hashDataInput; + } + + private Collection addEmptyHashDataInputs(SignatureInfo signedInfo) throws Exception { + if (signedInfo.getReference().size() == 0) { + log.error("No hashdata input selected to be displayed: null."); + throw new Exception("No HashData Input selected to be displayed."); + } + + log.trace("Adding HashDataInputs from signedInfo"); + ArrayList selectedHashDataInputs = new ArrayList(); + for (ReferenceType dsigRef : signedInfo.getReference()) { + + if (dsigRef.getType() == null) { + log.trace("Adding HashDataInput with id {}, name {} of type {}",new Object[]{dsigRef.getId(), signedInfo.getDisplayName(), signedInfo.getMimeType()}); + selectedHashDataInputs.add(new StubHashDataInput(dsigRef, signedInfo.getDisplayName(), signedInfo.getMimeType())); + } + } + return selectedHashDataInputs; + } } diff --git a/BKUApplet/src/test/java/at/gv/egiz/stal/client/STALServiceTest.java b/BKUApplet/src/test/java/at/gv/egiz/stal/client/STALServiceTest.java index f3967619..057a9c90 100644 --- a/BKUApplet/src/test/java/at/gv/egiz/stal/client/STALServiceTest.java +++ b/BKUApplet/src/test/java/at/gv/egiz/stal/client/STALServiceTest.java @@ -69,8 +69,8 @@ public class STALServiceTest { // req.getResponse().add(new ErrorResponse(1234)); GetNextRequestResponseType nrResp = port.getNextRequest(nrReq); assertNotNull(nrResp); - System.out.println("got response: " + nrResp.getInfoboxReadRequestOrSignRequestOrQuitRequest().size()); - for (JAXBElement stalReqElt : nrResp.getInfoboxReadRequestOrSignRequestOrQuitRequest()) { + System.out.println("got response: " + nrResp.getInfoboxReadRequestOrSignRequestOrBulkSignRequest().size()); + for (JAXBElement stalReqElt : nrResp.getInfoboxReadRequestOrSignRequestOrBulkSignRequest()) { RequestType stalReq = stalReqElt.getValue(); if (stalReq instanceof InfoboxReadRequestType) { String ibid = ((InfoboxReadRequestType) stalReq).getInfoboxIdentifier(); -- cgit v1.2.3
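Review bot: In the new `displayDataToBeSigned(List…)` overload of AppletSecureViewer.java, the trace call reads `nextSignatureInfo.getReference().get(0)` before `addEmptyHashDataInputs` can reject an empty reference list, so a SignatureInfo without references fails with an IndexOutOfBoundsException instead of the intended "No HashData Input selected to be displayed." error. When every reference carries a type, the viewer is also opened with an empty list, whereas the single-signature overload throws "No data to be signed"; and the first loop announces a referenceMap that is never built, so it can be dropped. Unlike the single-signature path, nothing is fetched or passed through `verifyHashDataInput` before the viewer opens, since the stubs are only resolved on demand through `getHashDataInput(HashDataInput)`. Whether a user can confirm a bulk signature without any document having been digest-verified therefore depends on GUI code outside this hunk and should be confirmed. The fence reorders the loop and adds the empty check; generic type arguments look stripped by the page rendering, so the declaration is left as committed.

```java
    // … unchanged: selectedHashDataInputs declaration …
    for (SignatureInfo nextSignatureInfo : signatureInfoList) {
      // addEmptyHashDataInputs rejects an empty reference list; call it before touching any reference
      selectedHashDataInputs.addAll(addEmptyHashDataInputs(nextSignatureInfo));
      log.trace("Added stub hashDataInputs for {}", nextSignatureInfo.getId());
    }

    if (selectedHashDataInputs.isEmpty()) {
      // same outcome as the single-signature overload when only Manifest/QualifyingProperties remain
      throw new Exception("No data to be signed (apart from any QualifyingProperties or a Manifest)");
    }

    gui.showSecureViewer(selectedHashDataInputs, okListener, okCommand, this);
    // … unchanged: getHashDataInput(HashDataInput), addEmptyHashDataInputs …
```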